Australia starts recruiting after hacking frenzy exposes 56% of the population in just six weeks
A swathe of hacks on some of Australia’s biggest companies has made the country a target for copycat attacks just as a skills shortage leaves an understaffed, overworked cybersecurity workforce ill-equipped to stop it, technology experts said.
As Monday saw the disclosure of another potential breach of sensitive data - a ransomware attack on a communication platform for military personnel - cybersecurity experts put a wave of highprofile breaches down to a common factor: human error.
Between Australia’s second biggest telecoms company Optus, owned by Singapore Telecommunications Ltd, and the country’s biggest health insurer, Medibank Private Ltd, some 14 million customer accounts have had data hacked equivalent to 56% of the population - since September 22 alone.
The workforce weakness assertion points to a problem with no quick fix.
After the Covid border closures which ended in late 2021, Australian immigration officials say they are still working through one million visa applications from people seeking to work in the country, many in technology and cybersecurity jobs for employers looking to fill vacancies abroad.
“They don’t have enough trained people to take it seriously and do what is needed,” said Sanjay Jha, chief scientist at the University of New South Wales institute for cybersecurity.
“Sometimes you’re ticking a box in an Excel spreadsheet and you don’t understand what you’re doing, and then the outcome is not going to be great. You need people who are really skilled and trained properly.”
With hacking software easier to acquire online and the shift to working from home leaving more weak spots in company networks, the number of data breaches has tripled globally in two years, according to cybersecurity industry research. This week 37 countries, including Australia, will meet at the White House with the goal of tackling ransomware and other cyber crime.
The uptick has sent shockwaves through corporate Australia in particular due to the high visibility of targets and the sensitivity of their data.
“It’s a rich country, a firstworld country that does a lot of business, that has a lot of data, so therefore it is targeted,” said Win-li Toh, principal at actuary firm Taylor Fry, who specialises in cybersecurity risk.
Companies are offering premiums of up to 50% on starting salary offers for cybersecurity workers due to a “deep talent deficit“, said Nicole Gorton, a director at specialist recruiter Robert Half.
Neil Curtis, an Australian cybersecurity executive of U.S. technology contractor DXC Technology Co, who runs a programme retraining military veterans in cybersecurity, said he had requests for about 300 trained personnel in the next six months.